CVE-2023-4622: 
Linux Kernel vulnerability analysis and mitigation

A use-after-free vulnerability was discovered in the Linux kernel's af_unix component in September 2023. The vulnerability (CVE-2023-4622) affects the Unix domain socket implementation and can be exploited to achieve local privilege escalation. The issue was discovered by Bing-Jhong Billy Jheng and affects Linux kernel versions up to 6.4.15 (NVD, Ubuntu).

The vulnerability exists in the unixstreamsendpage() function, which attempts to add data to the last skb in the peer's recv queue without properly locking the queue. This creates a race condition where unixstreamsendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. The issue was fixed in commit 790c2f9d15b594350ae9bca7b236f2b1859de02c. The vulnerability has been assigned a CVSS v3.1 base score of 7.0 (High) with vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD, Kernel Commit).

The vulnerability can be exploited by a local attacker to achieve privilege escalation on affected systems. The successful exploitation could allow an attacker to gain elevated privileges and potentially take complete control of the affected system (NVD, Debian Security).

The vulnerability has been fixed in various Linux distributions through security updates. Users are recommended to upgrade to patched versions: Ubuntu users should upgrade to kernel version 6.2.0-35.35 for 23.04, 5.15.0-87.97 for 22.04 LTS, and 5.4.0-165.182 for 20.04 LTS. Debian users should upgrade to version 6.1.52-1 for Bookworm. Red Hat Enterprise Linux users should apply the security update RHSA-2024:0403 (Ubuntu, Debian Security, Red Hat).